Waa maxay weerarka fayraska Ransomware ? Sidee ku helaysaa Ransomware sideese u shaqeeyaa? Maxaa la sameeyaa ka dib weerarka ransomware? Maqaalkani waxa uu isku dayi doonaa oo ka doodi doonaa dhammaan su'aalahan oo soo jeedin doona siyaabo ku saabsan sida loola tacaalo loogana soo kabsado weerarrada Ransomware^{(Ransomware attacks)} ee kumbuyuutarrada Windows . Boostada ayaa sidoo kale ku siinaysa xiriirin aad uga warbixin karto Ransomware FBI - da , Booliiska^(Police) , ama mas'uuliyiinta ku habboon.

Ransomware wuu sii kordhayaa, iyo isticmaale kombuyuutar ahaan, waxaa laga yaabaa inaad hadda maqashay ereygan. Hadda waa nooc aad caan u ah oo malware ah oo ay adeegsadaan qorayaasha koodka xaasidka ah, si ay u faafiyaan kombuyuutarka isticmaalaha kadibna ay lacag u sameeyaan, iyaga oo ka dalbanaya lacag madaxfurasho ah isticmaalaha. Haddii ay tahay Petya ama  Locky ransomware, maalin kasta, waxaan helnaa inaan wax ka akhrino malware-kan ugu dambeeyay ee soo baxaya. Fasalkan malware-ku wuxuu u muuqdaa inuu yahay kan ugu cadcad hadda maadaama uu yahay mid aad faa'iido u leh - iyada oo lacagta lagu kasbaday hawshan xaasidnimada ah, oo ku socota malaayiin doolar. Xiritaanka faylasha iyo xogta isticmaalaha, ka dibna u dalbo lacag si aad u furto^{(Lockdown user’s files and data, and then demand money to unlock them)} - taasi waa habka operandi^{(modus operandi)} ee khadka!

Haddii kombuyuutarkaaga uu ku dhacay 'Fayraska caadiga ah', markaa Hagaha ka saarida Malware^{(Malware Removal Guide)} ayaa ku caawin doona. Laakiin haddii aad u baahan tahay inaad ka soo kabsato weerarka Ransomware , ka dib akhri.

Waa maxay Ransomware

Ransomware waa nooc ka mid ah malware-ka kaas oo lagu keeno nidaamka kombiyuutarkaaga iyada oo loo sii marayo lifaaqyada iimaylka ee cudurka qaba, wax-soo-dejin-ku-soo-dejinta^{(drive-by-downloads)} , malware-ka bulsheed lagu farsameeyay , khalkhal^{(malvertising)} , ama iyadoo aan la ogayn iyada oo la adeegsanayo mareegaha la jabsado . Marka nidaamkaaga la soo galo, ransomware wuu shaqaynayaa oo wuxuu bilaabaa siraynta iyo xidhida faylashaada.

Kadib waxay kuu soo bandhigaysaa dalab, sida caadiga ah iyada oo loo marayo pop-up shaashadda kombiyuutarkaaga oo ku weydiinaya inaad ku bixiso madax furasho lacag ah ama BitCoins , taas oo lagu beddelanayo furaha kaas oo furi doona faylasha, faylasha, iyo xogtaada aan la heli karin.

Haddii aad ku bixin waydo dambiilayaasha internetka ee Ransomware wakhtiga loo qabtay, waxay ku hanjabi doonaan inay xogtaada si guud u soo dhejiyaan ama ay kordhiyaan lacagta madax furashada. Waxa laga yaabaa inay xitaa ku hanjabaan inay tirtirayaan dhammaan xogta oo ay ka dhigaan kombuyuutarrada ganacsigaaga kuwo aan shaqaynayn ama ka dhigi mishiinka mid aan la kicin iyaga oo dib u qoraya Diiwaanka Bootka Master^{(Master Boot Record)} -ka .

Sidee ku helaysaa Ransomware iyo sida uu u shaqeeyo

Saxeexa software-ka-hortagga malware-ka ayaa laga yaabaa ama laga yaabaa inuuna caawinaad badan lahayn. Waxaad u baahan tahay inaad xoojiso difaacaaga adigoo isticmaalaya mid ka mid ah software-kan anti-ransomware^{(anti-ransomware software)} iyo/ama Soo-oggolaanshaha & software ka-hortagga , kuwaas oo ku salaysan habdhaqan. Mar labaad^(Again) , waxaa jira qaar ka mid ah tillaabooyinka aasaasiga ah ee uu qofku qaadi karo si looga hortago madax-furasho^{(prevent ransomware)} ama uu si dhakhso leh uga soo kabsado, sida cusboonaysiinta nidaamkaaga hawlgalka, isticmaalka software ammaan oo wanaagsan^{(good security software)} oo si joogto ah u taageeraya xogtaada offline. laakiin in kasta oo waxaas oo dhan ay jiraan, haddana way dhici kartaa in aad noqoto dhibane madaxfurasho.

Sidee tani ku dhacdaa?^{(How does this happen?)}

Hagaag, waxaad ka helaysaa lifaaqa iimaylka meel aan la garanayn oo aad gujiso si aad u furto. Ma aha wax aan waxba galabsan sida aad u malaysay. Waxay noqon kartaa fayl xaasidnimo ah oo ku kicin kara gujintaada, ka dibna u sii socota si ay u xidho faylashaada, ama waxay sii socon kartaa soo dejinta kood xaasidnimo badan, kaas oo isna sirin kara faylashaada oo ka dhigi kara kuwo la heli karo ama aan la isticmaali karin.

Ama waxaad booqan kartaa mareeg la jabsaday, kaasoo xataa qofka iska leh uusan ka warqabin. Waxaa laga yaabaa inaadan gujin wax - si fudud u booqashadiisa waxay dhalin kartaa soo dejinta Trojan -ka xaasidka ah, kaas oo soo dejisan kara oo keeni kara culays, kaas oo sii socon kara si uu u waxyeeleeyo nidaamkaaga.

Mar labaad, shabakadaha xayaysiisyada onlaynka ah way jabi karaan waxaana laga yaabaa in mulkiilaha shabakadu aanu xitaa ka warqabin. Waxaad booqatay degel sharci ah oo nadiif ah oo u adeega xayeysiiskan u muuqda mid aan waxba galabsan oo aad gujiso - iyo BAM - ficilku waa la bilaabi karaa kaas oo soo dejinaya koodka xaasidnimada ah Windows PC gaaga.

Isticmaalka software dillaacsan, soo-saareyaasha furaha software-ka, shabakadaha P2P , waxay suurtogal u tahay in ay waxyeeleeyaan kombiyuutarkaaga. Xataa adeegsiga ransomware-ku USB -ga caabuqay waxa ay waxyeeleyn kartaa kombayutarkaga.

Sideen ku ogaan karaa haddii aan qabo cudurka Ransomware ?

Waxaad ogtahay inaad tahay dhibane ransomware marka aad ogaato in faylashaada, sawiradaada iyo xogtaada la siryay oo aadan awoodin inaad furto faylasha. Tan waxa dheer, waxaad si joogto ah u arki kartaa shaashad soo baxday oo ku weydiinaysa inaad bixiso madaxfurasho, ama wajihi tirtir faylashaada.

This is where having backups can help! If you have backed up your files, you could simply ignore the warnings, format and clean install your Windows OS and restore your backed-up files.

Calaamadaha kale ee sheeko-sheeko ee aad arki karto waa haddii aad ogaato in software-kaagu uu naafo yahay ama laga dhigay mid aan waxtar lahayn, Dib u soo celinta Nidaamkaaga^{(System Restore)} ama Dayactirka Bilawga^{(Startup Repair)} waa la joojiyay ama haddii qaar ka mid ah Adeegyada ^(Services)Windows ee muhiimka ah sida Windows Update , Adeegga Wareejinta Sirdoonka ee Background^{(Background Intelligent Transfer Service)} , WinDefend , Windows^{(Windows Shadow)} Nuqullada hadhku waa la joojiyay

Waxa la sameeyo ka dib weerarka Ransomware

Haddii aad ogaato in kombuyuutarkaaga uu ku xidhan yahay ransomware, waa inaad qaaddaa tillaabooyinka soo socda:

1] Haddii kombuyuutarku ka tirsan yahay shabakad, ka saar nidaamka cudurka qaba shabakadda

2] Haddii aad rabto, waxaad samayn kartaa nuqul ka mid ah diskkaaga ama faylalka ay saameeyeen falanqaynta ka dib.

3] Haddii aad leedahay nidaam caafimaad leh oo dib u soo celinta, eeg haddii aad dib u noqon karto oo arag haddii ay taasi kuu shaqeyso.

4] Haddii aad haysatid kaydkii ugu dambeeyay ee xogtaada, xitaa ka sii fiican. Qaabee^(Format) oo nadiifi dib u rakib Windows oo soo celi xogtaadii lagu taageeray si aad u samayso bilow cusub.

5] Eeg haddii aad isticmaali karto sifada Adeegga Nuqulka Mugga Shadow si aad u soo ceshato noocyadii hore ee faylalka. Freeware ShadowExplorer ayaa laga yaabaa inay wax fududeeyaan.

6] Ku gal Habka Badbaadada^{(Boot into Safe Mode)} ah oo socodsii software^{(antivirus software)} -ka ka-hortaggaaga si qoto-dheer oo rajaynaya inay awood u leedahay inay jeermiska ka saarto kombiyuutarkaaga. Fursadaha ma noqon doonto, laakiin wax dhib ah ma keenayso isku dayga.

7] Marka xigta, aqoonso Ransomware- ka kaas oo ku dhacay kombayutarkaaga. Taas awgeed, waxaad isticmaali kartaa adeeg online ah oo bilaash ah oo la yiraahdo ID Ransomware .

8] Haddii aad awooddo inaad aqoonsato ransomware-ka, hubi haddii qalabka fur-furan ee ransomware uu diyaar u yahay nooca ransomware-ka. Ka dib qaado caawinta mid ka mid ah qalabkan furashada furaha ee^{(ransomware decryptor tools)} hadda la heli karo.

9] Haddii Ransomware uu gebi ahaanba xannibay gelitaanka kombiyuutarkaaga ama xitaa xaddiday gelitaanka xulashada hawlaha muhiimka ah, isticmaal  Kaspersky WindowsUnlocker maadaama ay nadiifin karto Diiwaanka^(Registry) madax-furasha-u-gaaray , oo ay dib kuugu soo celiso.

10] Waxaa laga yaabaa inaad rabto inaad caawiso CryptoSearch , qalab bilaash ah oo tilmaamaya faylalka Ransomware-sireed^{(Ransomware-encrypted)} & ka dibna u wareejiya meel cusub oo lagu ilaalinayo.

11] Iyadoo ay fududahay in lagu taliyo in aanad bixin dambiilayaasha internetka haddii xogtaadu ay muhiim tahay oo aadan haysan doorasho kale oo aan ahayn inaad dib u hesho, bixinta madaxfurashada waa ikhtiyaarka kaliya ee aad haysato. Qaar badan ayaa tan sameeyay, nasiib darro - in kasta oo ayan jeclayn inay tan si cad u qirtaan. Laakiin tani waa xaqiiqda adag ee nolosha. Markaa adiga ama ururkaagu waa inaad tan wacdaan. Si kastaba ha ahaatee, waxaa laga yaabaa inaad rabto inaad sidoo kale u sheegto masuuliyiinta fulinta sharciga internetka ee dalkaaga.

Ugu dambayntii^{(] Finally)} , xasuusnoow inaad ku wargeliso keeskaaga madaxfurasho unugta dembiyada internetka, maamulka booliiska, ama FBI -da . Xiriirintaan ayaa kuu sheegi doonta halka aad ka warbixin karto ransomware^{(report ransomware)} .

Markaad furto feylasha oo aad ka saarto madaxfurasho, waxaad isticmaali kartaa RansomNoteCleaner si aad uga saarto Xusuus-qorka Ransomware^{(Ransomware Notes)} iyo qashinka kale ee haraaga ah.

Wacan oo dhan.^{(All the best.)}

What to do after a Ransomware attack on your Windows computer?

What is a Ransomware virus attack? How do you get Ransomware and how does it work? What to do after a ransomware attack? Thiѕ post will try and discuss all thеse queѕtions and suggest ways on how to deal with & recover from Ransomware attacks on Windows computers. This post also gives links where you can report Ransomware to the FBI, Police, or appropriate authorities.

Ransomware is on the rise, and as a computer user, you may have surely heard of this term by now. It is now a very popular form of malware that is used by malicious code writers, to infect a user’s computer and then make money, by demanding a ransom amount from the user. Whether it is Petya or Locky ransomware, every other day, we get to read about this latest emerging malware. This class of malware seems to be the favorite now as it is very profitable – with the amount earned through this malicious activity, running into millions of dollars. Lockdown user’s files and data, and then demand money to unlock them – that is the modus operandi in a line!

If your computer has been infected by the ‘usual Virus’, then this Malware Removal Guide will help you. But if you need to recover from a Ransomware attack, then read on.

What is Ransomware

Ransomware is a type of malware that is delivered through your computer system through infected email attachments, drive-by-downloads, socially engineered malware, malvertising, or unknowingly via hacked websites. Once on your system, ransomware gets to work and starts encrypting and locking down your files.

It then makes a demand to you, usually via a pop-up on your computer screen asking you to deliver a ransom in currency or by BitCoins, in exchange for a key that will unlock your inaccessible files, folders, and data.

If you do not pay the Ransomware cyber-criminals within the stipulated time, they will threaten to post your data publicly or increase the ransom payment amount. They may even threaten to erase all data and render your business computers inoperable or render the machine unbootable by overwriting the Master Boot Record.

How do you get Ransomware and how does it work

The signature-based anti-malware software may or may not be of much help. You need to fortify your defenses using one of these anti-ransomware software and/or Intrusion Detection & Prevention software, which are behavior-based. Again, there are some basic steps one can take to prevent ransomware or recover faster from it, like updating your operating system, using a good security software and regularly backing up your data offline. but in spite of all this, it can still happen that you end up being a victim of some ransomware.

How does this happen?

Well, you receive an email attachment from an unknown source and you click on it to open it. It is not something innocent as you may have thought. It could be a malicious file that could get triggered by your click, and which go on to lock down your files, or it could go on to download more malicious code, which in turn could encrypt your files and make them inaccessible or unusable.

Or you could visit a hacked website, which even its owner may not be aware of. You may or may not click on anything – simply visiting it may trigger a malicious Trojan download, which could download and deliver a payload, that could go on to infect your system.

Then again, online advertising networks can get compromised and the network owner may not even know about it. You visit a clean legitimate website that serves this seemingly innocent ad and you click on it – and BAM – action could be initiated which downloads malicious code to your Windows PC.

Using cracked software, software key generators, P2P networks, can potentially infect your computer. Even using a ransomware-infected USB could infect your computer.

How do I know if I am infected with Ransomware?

You know that you are a victim of ransomware when you find that your files, images & data have been encrypted and you are unable to open the files. In addition to this, you could frequently get to see a popup screen asking you to pay a ransom, or face deletion of your files.

This is where having backups can help! If you have backed up your files, you could simply ignore the warnings, format and clean install your Windows OS and restore your backed-up files.

Other tell-tale signs you can see is if you find that your security software has been disabled or rendered ineffective, your System Restore or Startup Repair has been disabled or if some critical Windows Services like Windows Update, Background Intelligent Transfer Service, WinDefend, Windows Shadow Copies have been disabled.

What to do after a Ransomware attack

In case you find that your computer has been locked by ransomware, you should take the following steps:

1] If your computer is part of a network, remove the infected system from the network

2] If you wish, you can create a copy of your disk or the impacted files for analysis later on., which may be needed for the decryption of files.

3] If you have a healthy system restore point, see if you can go back and see if that works for you.

4] If you have recent backups of your data, even better. Format and clean reinstall Windows and restore your backed-up data to make a fresh start.

5] See if you can use the Shadow Volume Copy Service feature to recover older versions of the files. Freeware ShadowExplorer may make things easier.

6] Boot into Safe Mode and run your antivirus software deep-scan and hope that it is able to disinfect your computer. Chances are it won’t, but no harm in trying.

7] Next, identify the Ransomware which has infected your computer. For this, you may use a free online service called ID Ransomware.

8] If you are able to identify the ransomware, check if a ransomware decrypt tool is available for your type of ransomware. Then take the help of one of these ransomware decryptor tools which are presently available.

9] If the Ransomware totally blocked access to your computer or even restricted access to select important functions, use Kaspersky WindowsUnlocker as it can clean up a ransomware-infected Registry, and gives you access back.

10] Maybe you want to take the help of CryptoSearch, a free tool that identifies Ransomware-encrypted files & then transfers them to a new location for safekeeping.

11] While it is easy to recommend not paying the cyber-criminals if your data is critical and you have no choice but to have access to it back, paying the ransom is the only option you have. Many have done this, unfortunately – although they do not like to acknowledge this publicly. But this is the hard fact of life. So you or your organization will have to take a call on this. In any case, you may want to also alert the cyber law enforcement authorities in your country.

12] Finally, remember to report your ransomware case to your local cybercrime cell, police authorities, or the FBI. This link will tell you where you can report ransomware.

Once you have decrypted the files and removed the ransomware, you may use RansomNoteCleaner to remove the Ransomware Notes & other residual junk left behind.

All the best.

Related posts

• Anti-Ransomware software bilaash ah oo loogu talagalay kombiyuutarada Windows

• Daar oo ku habbee Ilaalinta Ransomware ee Difaaca Windows

• Ilaalinta Ransomware gudaha Windows 11/10

• Abuur sharciyada iimaylka si aad uga hortagto Ransomware gudaha Microsoft 365 Business

• McAfee Ransomware Recover (Mr2) ayaa kaa caawin kara furista faylasha

• Sida looga ilaaliyo loogana hortago weerarada Ransomware & caabuqyada

• Sida loo furo guryaha nidaamka ee Control Panel gudaha Windows 11/10

• Liiska Qalabka Decryption Ransomware ee bilaashka ah si loo furo faylasha

• La wadaag faylasha qof kasta oo leh meel kasta u dir Windows PC

• Sida loo yareeyo Weerarada Ransomware-ku shaqeeyo ee bini'aadamka: Xog-waraysi

• Sida loo rakibo Drupal adoo isticmaalaya WAMP Windows

• Weerarada Ransomware, Qeexid, Tusaalayaal, Ilaalinta, Bixinta

• Microsoft Intune miyaanay wada shaqayn? Ku qas Intune in ay isku xidho Windows 11/10

• Sida loo beddelo kamaradaha caadiga ah ee kumbuyuutarka Windows 11/10

• Sida loo beddelo cabbirka Taskbar ee Windows 11

• Ku billow faylasha si fudud myLauncher for Windows 10 kombiyuutarada

• Sida loo damiyo Badbaadada Cusbooneysiinta Muuqaalka ee Windows 10

• Hagaaji cilada Cusboonaysiinta Windows 0x80070422 gudaha Windows 10

• Hagaaji Crypt32.dll lagama helin ama khalad ka maqan Windows 11/10

• Sida loo beddelo darawallada adag ee gudaha Windows 11/10 oo leh Hot Swap